Fixes#1163
Restores `Request.Body.encoded` static function and
`RequestTemplate.requestBody` to restore compatibility.
Additionally, mark it as deprecated to encourage usage of
`RequestTemplate.body`.
`Request.Body` is an internal abstraction that was made built
in an effort to better manage request body data. It was made
public too early and will be reverted back to it's internal
state in future releases.
Adds additional informatiom into the Soap README that includes details
on how to instruct the SOAP Decoder to use `getFirstChild` instead
of `extractContentAsDocument` in situations where JAXB is unable
to read any xml declarations on the SOAP Envelope.
Fixes#1127
In certain situations the declarations on the SOAP envelope are not
inherited by JAXB when reading the documents. This is particularly
troublesome when it is not possible to correct the XML at the source.
To support this a new `useFirstChild` option has been added to the
`SOAPDecoder` builder that will use `SOAPBody#getFirstChild()`
instead of `SOAPBody#extractContentAsDocument()`. This will allow
users to supply a `package-info.java` to manage the element namespaces
explicitly and define what should occur if the namespace declarations
are missing.
Fixes#1156
Collection Format was encoding query string values unnecessarily
due to changes introduced in #1138 and #1139 that encode template
values before appending them to the query string.
In addition, `decodeSlash` flags that were accidentally removed,
have been restored in QueryTemplate.
* Restoring decodeSlash in QueryTemplate
* Correcting Readme with regards to decodeSlash usage
Fixes#857
To simply removal, Request.Body was returned back to an internal
component and additional methods were added to Request to expose
it's capabilities outside of the object.
All other deprecated usage in core modules has been removed.
Deprecated code still exists in the test cases and will be
removed once the deprecated methods are removed in our next
major release.
Fixes#920
FeignException may contain the data from the response if the response is available and contains data. However, the method `content` is ambiguious and does not reveal it's intent. User's have expressed confusion as to if it is for the Request or the Response.
This change adds a new method `responseBody` to addresse this. Use of content is now `@deprecated`.
Fixes#929
Documentation around when to use a Request Interceptor or a custom
Target when dealing with specific situations such as setting headers
per method or target.
Fixes#1131
Updating documentation around slashes to reflect that now encoding
is consistent across all areas and that `decodeSlash` is required
in all cases.
Relates to #561
Corrects inconsistent processing during Contract parsing with `formParams` are mixed with `@Body` parameters where order of parameters mattered, when it shouldn't.
Test Case:
```java
@RequestLine("POST /")
void formParamAndBodyParams(
@Param("customer_name") String customer,
String body);
@RequestLine("POST /")
void bodyParamsAndformParam(
String body,
@Param("customer_name") String customer);
```
Fixes#1089
Query Template names, which also happen to be templates, were not being
considered when listing out all of the variable names in a Query Template.
* Ensure Iterable values are encoded before template expansion
Fixes#1123, Fixes#1133, Fixes#1102, Fixes#1028
Ensures that all expressions are fully-encoded before being
manipulated during template expansion. This allows parameters
to include reserved values and result in properly encoded
results.
Additionally, `Iterable` values are now handled in accordance
with RFC 6570 allowing for the specified `CollectionFormat` to
be applied and empty parameters to be expanded correctly as this
is the main use case that exhibited this issue.
Fixes#1036
Relaxed the regular expression used to determine if an expression
is valid to support additional expression variable names. We will
no longer restrict what an expression name can be.
* Ensure all brackets are decoded in JSON based Body Templates
Fixes#1129
When JSON is detected in a Body Template, all start and end tokens
that may have been pct-encoded are decoded, ensuring that the
expanded result is valid JSON.
* Fix for HTTP Request Smuggling
Vulnerable module: io.netty:netty-codec-http
Introduced through: io.reactivex:rxnetty-http@0.5.2 and io.reactivex:rxnetty-spectator-http@0.5.2
Exploit maturity: No known exploit
* Fix for Deserialization of Untrusted Data
Vulnerable module: com.google.guava:guava
Introduced through: com.netflix.ribbon:ribbon-core@2.3.0 and com.netflix.ribbon:ribbon-loadbalancer@2.3.0
Exploit maturity: No known exploit
https://app.snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-32236
* Makes iterator compatible with Java iterator expected behavior
both next() and hasNext() should read from stream if needed. both also inspect 'current' member, next() resets it after consuming. exception is thrown when no more elements are available to return.
* Fixing CI - formatting issue
* Expose Method and Target on RequestTemplate
* Add test to check if method metadata is present
* Annotated API changes as being experimental/not API-frozen
* The method parseAndValidatateMetadata has been deleted and parseAndValidateMetadata is used instead;
* Replaced all usages along the project;
* Documented which method to use instead of the deleted one.
Signed-off-by: Cézar Augusto <cezar@stilingue.com.br>
Marvin Froeder
motinis
contextshuffling
Kevin Davis
svenhaag
switchYello
dnsbtchr
Frank Pavageau
Marvin Froeder
Itamar Benjamin
Alex Simkin
Ersin Ciftci
cezar-tech
jerzykrlk